Cybercriminals are using display name spoofing and stylized HTML templates to lure victims into clicking on phishing links in Outlook 365 and then entering their credentials into fraudulent websites.